Vulnerability Assessment Tools
NetSPI consultants dedicate time and resources to developing open-source tool sets that strengthen the infosec community.
PowerUpSQL supports SQL Server discovery, auditing for common weak configurations, and privilege escalation at scale for internal penetration testing and red team engagements.
InveighZero is a C# LLMNR/mDNS/NBNS spoofer and man-in-the-middle tool designed to assist penetration testers and red teamers who find themselves limited to a Windows system.
NetSPI SQL Injection Wiki
Our wiki is a comprehensive knowledge base for SQL injection. You’ll find resources on identifying, exploiting, and escalating SQL injection vulnerabilities across database management systems.
Burp Extractor is a one-size-fits-all tool that uses regex for extracting data from HTTP responses – such as CSRF tokens, Auth Bearer tokens, timestamps, etc. – to be reused in HTTP requests sent through Burp.
AWSSigner looks for the “X-AMZ-Date” header in Burp requests. If it finds the header in a request, it updates the signature in that request using your access key, secret key, region and service.
Tokenvator is a .NET tool used to elevate permissions on Windows. It works by impersonating or altering authentication tokens.
SQLC2 is a PowerShell script for deploying and managing a command and control system that uses SQL Server as both the control server and the agent.
WebLogic Password Decryptor is a PowerShell and Java tool to decrypt WebLogic passwords and gain access to other systems and Oracle databases.
Invoke-ExternalDomainBruteForce is a brute-force tool for automated password-guessing on managed and federated domains.
Get-AdDecodedPassword uses the Active Directory PowerShell Module to query Active Directory and decode UnixUserPassword, UserPassword, unicodePwd, or msSFU30Password fields.
GET-MSSQLALLCredentials is a PowerShell tool to identify all MSSQL instances on a server, determine the encryption algorithm and automate credential password decryption.
DAFT: Database Audit Framework & Toolkit
DAFT is a MSSQL database auditing and assessment tool written in C# that can identify non-default databases and database tables, search for sensitive data by keyword and execute SQL commands.
PowerSkype is a PowerShell tool to attack federated Skype for Business instances that allows you to validate email addresses, get Skype availability, send phishing messages and more.
Invoke-TheHash is a PowerShell tool for performing pass-the-hash WMI and SMB tasks. Authentication is performed by passing an NTLM hash into the NTLMv2 authentication protocol.